""Thomas N."" wrote in message ... > I am deploying Site-to-site VPN using Cisco IOS routers. I am > wondering what software package offering the management, connectivity > monitoring of tunnels, and content reporting available? How much > it costs? Thanks!
Most people roll-their-own (i.e. use a home-grown solution). They often use the following base programming languages to do so: C, C++, Java, Perl, Python, Tcl, Expect, Ruby, Unix Shell, and similar, less-powerful Microsoft or IBM languages (NT Shell, Visual Basic, VBScript, C#, REXX, JCL, COBOL, etc). Sometimes applications are written in assembly (x86, m68k, mips), but this is less often the case. Sometimes the use of libraries, or modules, are used (net-snmp, libgd, the ANSI/ISO C libraries, C++ STL templates, CPAN Perl modules) other times, horrific sub-languages are created instead (Microsoft Foundation Classes) and munged -- but possibly made useful. Sometimes these are packaged together in the form of commercial (read: over-priced) or open-source software (e.g. MRTG), but often these packages do not meet any specific needs, only generic requirements that often involve complex customization anyways. However, functionality that meets your criteria is available as a $20k or thereabouts software package from Cisco, simply search on their website under Network Management and find a VPN-specific solution that appears to meet your needs. In reality, this sort of package requires more than just "customization", it requires more time and money in the form of "software application babysitting", and late-night calls to Cisco for tech support calls that are followed-up the next day and night by more calls, ad nauseum. For some reason, other commercial products and even the least hardened (or worst coded) open-source software packages do not seem to suffer this "babysitting" complex, while CiscoWorks does. I do not have room in this email to further explain this phenonmenon. You may find that the easiest route is to collect some Cisco IOS SNMP MIB OID's (enough acronyms for you there?) and graph them, while also either using an external application to create thresholds on the OID values (counter or gauge integer types), or an internal polling mechanim such as SAA or RMON alarms and events (and have the thresholds sent to your pager or email or syslog file or operations center monitor). This is often very easily accomplished with NET-SNMP or MRTG, which are open-source and free to download. Others find it is best to have it centrally located in some type of overlord system such as IRCd, or $100M/year software-supported applications made by the likes of the network management triumvirate - HP, CA, and IBM/Tivoli. It is also recommended that you choose one platform/package and not, for example, 3 (especially when you end up spending $300M per year). Often what you hear of as "best-of-breed" is normally just another way of adding additional complexity, under-utilization, and exponential interoperability issues between platforms/packages. -dre Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=62426&t=62426 -------------------------------------------------- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]